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REMARKS/ARGUMENTS 

Prior to the entry of this Amendment, claims 1-48 were pending in this 
Application. Claims 1, 2, 5, 6, 8, 10-17, 19, 21-24, 28, 30-35, 37-39, 41-45, 47, and 48 are 
amended herein. No claims have been added and no claims have been canceled. Therefore 
claims 1-48 remain pending in this application. Applicant respectfully requests reconsideration 
of these claims as amended for at least the reasons presented below. 

35 U.S.C. IS 102(e) Rejection, Purpura 

The Office Action has rejected claims 1-48 under 35 U.S.C. § 102(e) as being 
unpatentable over U. S. Patent No. 6,421,768 Bl of Purpura (hereinafter "Purpura"). The 
Applicants respectfully submit the following arguments pointing out significant differences 
between claims 1-48 submitted by the Applicants and Purpura. 

Purpura is directed to "securely transferring user authentication information from 
a first computer to one or more other computers to allow the user to interact with the other 
computers without necessarily having to explicitly identify himself thereto." (Col. 1, lines 8-12 
and col. 2, lines 19-22) More specifically, Purpura teaches a single sign-on method. (Col. 2, 
lines 23-24) "Thus, if a second computer trusts the methods used by a first computer to 
authenticate a user, then the second computer can use a cryptographically assured cookie created 
by the first computer to authenticate the user, without requiring the user to perform an explicit 
authentication step at the second computer." (Col. 2, lines 24-29) 

That is, Purpura discloses a single sign-on method that, as is typical of single 
sign-on, allows a user to access a second computer system based on his access of a first computer 
system. In other words, under Purpura, a user can logon to or access a first system which 
performs any necessary authentication. The first system then issues a token, in this case, a 
"cryptographically assured cookie," to the user. The same user can then use this token to access 



OID-2005- 164-01 



Page 19 of 21 



Appl. No. 09/998,9 1 5 PATENT 

Amdt. dated: December 16, 2005 

Reply to Office Action of September 2 1 , 2005 

other systems without re-authenticating. However, Purpura does not disclose impersonation, 
i.e., authorizing a first user to access a system or resource as a second user. 

Claim; 1, upon which claims 2-15 depend, claim 28, upon which claims 29-38 
depend, and claim 35, upon which claims 36-38 depend, each recite in part "receiving 
authentication credentials for a first user and an identification of a second user; authenticating 
said first user based on said authentication credentials for said first user; creating a cookie that 
stores an indication of said second user if said step of authenticating is performed successfully; 
and authorizing said first user to access a first resource as said second user based on said 
cookie." Purpura does not disclose authorizing a first user to access a first resource as a second 
user. Rather, Purpura teaches allowing a user to access a system based on a token provided by 
another system, i.e., single sign-on. For at least these reasons, claims 1-15, 28-38, and 35-38 
should be allowed. 

Claim 16, upon which claims 17-23 depend, claim 39, upon which claims 40-44 
depend, and claim 45, upon which claims 46-48 depend, each recite in part "receiving 
authentication credentials for an impersonator and an identification of an impersonatee at an 
access system, wherein said access system protects a first resource that is separate from said 
access system; authenticating said impersonator based on said authentication credentials for said 
impersonator, wherein said step of authenticating is performed by said access system; and 
authorizing said impersonator to access said first resource as said impersonatee, wherein said 
step of authorizing is performed by said access system." Purpura does not disclose authorizing 
an impersonator to access a first resource as an impersonate. Rather, Purpura teaches allowing a 
user to access a system based on a token provided by another system, i.e., single sign-on. For at 
least these reasons, claims 16-23, and 39-48 should be allowed. 

Claim 24, upon which claims 25-27 depend, recites in part "receiving 
authentication credentials for the first entity and an identification of the second entity at an 
access system, wherein said access system protects a plurality of resources; receiving an 
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indication of one or more of said plurality of resources; authenticating said first entity based on 
said authentication credentials for said first entity, wherein said step of authenticating is 
performed by said access system; and authorizing said first entity to access said one or more of 
said plurality of resources as said second entity, wherein said step of authorizing is performed by 
said access system." Purpura does not teach or suggest authorizing a first entity to access one or 
more of a plurality of resources as a second entity. Rather, Purpura teaches allowing a user to 
access a system based on a token provided by another system, i.e., single sign-on. For at least 
these reasons, claims 24-27 should be allowed. 



In view of the foregoing, Applicants believe all claims now pending in this 
Application are in condition for allowance. The issuance of a formal Notice of Allowance at an 
early date is respectfully requested. 

If the Examiner believes a telephone conference would expedite prosecution of 
this application, please telephone the undersigned at 303-571-4000. 

Respectfully submitted, 



TOWNSEND and TOWNSEND and CREW LLP 
Two Embarcadero Center, Eighth Floor 
San Francisco, California 941 1 1-3834 
Tel: 303-571-4000 
Fax: 303-571-4321 
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William J. Daley 
Reg. No. 52,471 
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